Sona is hiring a Compliance Manager to own and evolve our security and compliance foundations. This is a hands-on, InfoSec-led role with ISO 27001 certification as an immediate priority and SOC 2 in the medium term. You will have the opportunity to fully own and craft a robust, scalable compliance programme in our fast-growing software business.

What You'll Do

Own and lead information security across the business, including policies, controls and risk management.
Lead external certifications and audits for standards such as ISO 27001, GDPR, SOC 2, and Cyber Essentials.
Work cross-functionally to advise teams on risk and data security, supporting them with use of new tools and AI adoption.
Translate security and compliance requirements into concrete systems, tools and processes.
Own or lead implementation of technical controls like access management, logging, monitoring, incident response, and device management.
Act as the primary point of contact for RFPs, customer security reviews, questionnaires and audits.
Support and develop AML compliance, extending depth over time where needed.

What We're Looking For

5+ years of experience in information security, compliance or closely related roles.
Hands-on experience leading or materially contributing to external certifications like ISO 27001, GDPR, SOC 2, or Cyber Essentials.
Experience in a SaaS or technology environment, ideally within a startup or scale-up.
A strong, practical understanding of security controls and how to implement them in practice.
Experience working directly with tools, vendors and configurations, not purely in an advisory capacity.
A pragmatic, risk-based mindset with the ability to push back clearly and constructively.

Nice to Have

Exposure to US customers or US compliance expectations.
Familiarity with AML or adjacent compliance areas, with a willingness to deepen expertise.

Team & Environment

You will join our 120+ person company and sit within the Legal & Compliance function, reporting to the General Counsel. We are still small enough that you’ll have a significant impact on the company’s growth trajectory and culture, yet large enough to have a great structure and experienced leaders.

Benefits & Compensation

Salary: £75,000-£85,000
Share options
35 days annual leave (25 days standard plus 10 flexible public holiday days)
An extra day of leave for every year of service
Pension contributions matched up to 5%
Comprehensive health insurance
Enhanced parental leave & pay
Co-working space stipend for those based outside London
Annual all expenses paid team retreats
The latest Macbook and equipment budget for your home office
Professional development budget
Unlimited free books